Suncorp Bank App Terms and Conditions

1. Introduction

1.1 The Suncorp Bank App is an application designed for compatible iPhone and Android devices. The service is available for existing customers who have been issued an Internet Banking Customer ID.

2. Making transfers via the Send Money Option

2.1 Suncorp Bank App users are able to send money to other Suncorp accounts or accounts at other financial institutions or owned by third parties using the Send Money feature.

2.2 Send Money payments submitted before 5.30pm (AEST) on a business day (Monday to Friday AEST exclusive of recognised public holidays) will be sent to the destination the same day. Send Money payments submitted after this time may not be sent until the following business day. Please allow 1-3 days for a Send Money payment to reach its destination.

2.3 Send Money payments to other Suncorp accounts will be processed immediately.

2.4 It is your responsibility to check the details of each Send Money transfer and ensure that the account number, B.S.B. and amounts are correct, or your Send Money transfer may be unsuccessful or may be paid to an unintended account. We are not responsible for any loss suffered if the account numbers, B.S.B., or amounts of transactions you authorise are incorrect or invalid, or if you authorised transactions more than once in error. The account name of the account to which funds are being transferred to will not be used by us when transferring funds. Funds will generally be transferred to the account number provided regardless of whether the account name matches the account number, however, some financial institutions may validate the receiving account name as well. You must ensure that both the account number and account name are correct for the receiving party.

2.5 Once you authorise transactions to be processed generally we will not be able to stop, withdraw, suspend or delete the transfer, change any details or recover the funds. Mistaken internet payments are treated by us in accordance with the ePayments Code. Please refer to clauses 8 and 13 of these terms for more details.

2.6 If a transfer cannot be processed by the receiving financial institution, the funds will be returned to your account. This may take approximately 3 days but can take longer depending on the other financial institution.

3. Paying Bills with BPAY®

3.1 BPAY payments before 6.00pm (AEST) on a business day (Monday to Friday AEST exclusive of recognised public holidays) will be sent to the destination biller the same day. BPAY payments submitted after this time may not be sent to the following business day.

3.2 A BPAY payment may take longer to be credited to a biller under the BPAY Scheme if we receive your instruction on a day other than a Business Day or if another participant in the BPAY Scheme does not process a payment as soon as they receive it. You need to allow sufficient time for processing of bill payments.

4. Withdrawal Limits

4.1 There are two types of withdrawal limits that apply when processing payments in Internet Banking, Suncorp Bank App and Suncorp App:

1) Transaction Limit

When completing certain transactions in Internet Banking, Suncorp Bank App and Suncorp App and the total value of these transactions exceeds $3,000 in any given day we will require you to input a Security Token Code. More information on Security Tokens is available in clause 14. We may vary the Transaction Limit and/or the types of transactions which require a Security Token Code.

The table below details the types of transactions that utilise this daily transaction limit:

Transaction Limit

Internet Banking

Suncorp Bank App

Suncorp App

Between your own Suncorp Accounts

From your Suncorp Account to another Suncorp Account

To BSB/Account (other bank) (also known as “Send Money” or “Pay Someone” transaction)

To BPAY

To BPAY - Suncorp Super & ATO

International Transfer (a token for every transaction IS required)

N/A

N/A

Business Payments

N/A

N/A

2) Daily Limit

4.2 Your Daily Limit is a security measure to limit the amount of money that can be transferred from any of your accounts in Internet Banking, Suncorp Bank App and Suncorp App. Your default Daily Limit will be $5,000 unless we agree otherwise. Your Daily Limit will be shared across Internet Banking, Suncorp Bank App and the Suncorp App. We may vary the default Daily Limit at any time and provide at least 30 days’ notice of the change.

The table below details the types of transactions that utilise this daily limit:

Transaction Limit

Internet Banking

Suncorp Bank App

Suncorp App

Between your own Suncorp Accounts

From your Suncorp Account to another Suncorp Account

To BSB/Account (other bank) (also known as “Send Money” or “Pay Someone” transaction)

To BPAY

To BPAY - Suncorp Super & ATO

International Transfer (a token for every transaction IS required)

N/A

N/A

Business Payments

N/A

N/A

What happens if you exceed your daily limit:

4.2 The total of all transactions (including future dated and recurring payments) which utilise your Daily Limit across Internet Banking, Suncorp Bank App and Suncorp App on any given day from all of your accounts must be less than your daily limit. If you attempt to perform a transaction that exceeds your Daily Limit, it may be rejected.

5. Account Information

5.1 Information provided by Suncorp Bank App about your Account relates to transactions that we have processed and verified. Your Suncorp Bank App transactions will be processed in the normal course of business or at the times we tell you.

5.2 We are not responsible for delays, errors, inaccuracies, or omissions due to failure in any Mobile Device, the mobile network, any telephone system, any other electronic system or ancillary equipment or any other circumstances beyond our control.

6. Quick Balance

6.1 The Suncorp Bank App allows you to nominate one of your Accounts as a quick balance account. Your nominated quick balance account is able to be accessed from the home screen without you logging into the App. You only need to swipe on the home screen to view the account information.

6.2 The quick balance account information includes the designated name you have allocated to the account (if applicable, otherwise the default product name will show) and the current and available balances of the account you nominate.

6.3 The risk of nominating a quick balance account is that a third party could open the App and view your nominated account information without your consent or knowledge. By using the quick balance functionality, you accept this risk and hold Suncorp harmless and indemnify it from any claim, costs, damages or losses you suffer whatsoever as a result of you setting up a quick balance account on the App.

7. QuickShare

7.2 Suncorp Bank is not responsible for the issue of SMS incorporating QuickShare details. If there are technical issues or if the message doesn’t reach its intended destination, please refer to your telecommunications provider.

8. ePayments Code

8.1 Where you are an individual, the ePayments Code applies to the following transactions provided by us, each of which is an ePayments Transaction:

electronic card transactions, including ATM, EFTPOS, credit card and debit card transactions that are not intended to be authenticated by comparing a manual signature with a specimen signature,

Telephone banking and bill payment transactions,

Suncorp Bank App transactions, including by way of Send Money,

online transactions performed using a card number and expiry date,

online bill payments (including BPAY®),

transactions using facilities with contactless features and prepaid cards, not intended to be authenticated by comparing a manual signature with a specimen signature,

direct debits,

transactions using mobile devices,

mail order transactions not intended to be authenticated by comparing a manual signature with a specimen signature, and

any other transaction specified by the Australian Securities & Investments Commission.

8.2 We will comply with the ePayments Code where it applies.

We agree to follow the rules of the ePayments Code for ePayments transactions made in Australia and we give you a warranty that we will do so.

This does not apply to:

an Account that is designed primarily for use by a business, and established primarily for business purposes, or

a facility where you and Suncorp Bank do not have a contractual relationship.

It also does not apply in relation to Everyday Super Accounts, other than a contribution from a Suncorp Bank account to an Everyday Super Account, which is processed as a Bpay payment.

It does not apply in relation to Suncorp Insurance or Suncorp Life Insurance.

9. Your Secret Code Security Requirements

9.1 Secret Codes enable access to your financial products and services held with the Suncorp Group Entities and must not be disclosed to anyone, including a family member or friend. Secret Code is your PIN, Telephone Access Code, Internet Banking Password, Customer ID, App Passcode, Mobile Device Passcode, Security Token Code, Security Token Passcode, External Transfer Password or other particular access method we give you as your Secret Code.

9.2 Suncorp Bank App allows you to optionally create a 4-digit passcode to logon to banking services (App Passcode) or use fingerprints or Face Id you store on your Mobile Device to logon to the Suncorp Bank App (App Biometrics Login). In order to protect yourself from unauthorised logins, you should NOT choose a App Passcode which incorporates:

your date of birth;

your driver's license number;

a series of consecutive or the same numbers; or

the same number as any Mobile Device Passcode.

9.3 Once you have nominated how you will logon, you will not be required to enter your Customer ID, Internet Banking Password or Security Token (if enabled) into the App. You will only be required to use a single logon option, either App Passcode or App Biometrics Login.

9.4 You can reset the App Passcode at any time within the App by going to settings.

9.5 Where you have opted to enable fingerprint or Face ID (Biometrics), any of the Biometrics you store on your Mobile Device will be used as an authentication for any transactions in banking services. You should ensure that only your Biometrics are stored on your Mobile Device. When you logon using App Biometrics Login and make transactions you instruct us to perform those transactions.

9.6 Identical twins (or triplets, etc.) and customers below the age of 13 must NOT use the Face ID function, and instead revert to using an App Passcode as authentication, to prevent a ‘false match’ and possible unauthorised access to your Mobile Device and the App.

9.7 You can delete any of the Biometrics authentications you store on your Mobile Device at any time by going into your Mobile Device settings.

9.8 You can record your Secret Codes to help you remember them but they must be reasonably disguised. You should NOT:

reverse the order of the Secret Code;

say a disguised number is your Secret Code;

disguise your Secret Code as a telephone number;

replace your Secret Code with letters (eg. A=1, B=2, C=3);

write numbers that contain the same sequence of numbers as your Secret Code;

record it on any Mobile Device where it can easily be retrieved;

keep a record of it in close proximity to where it can be obtained with the access method (for example next to your Mobile Device) unless you make a reasonable attempt to protect the security of the Secret Code; or

keep a written record of all Secret Codes required to perform transactions on one or more articles at risk to be lost or stolen simultaneously, without making a reasonable attempt to protect the security of the Secret Code(s).

These are only examples. There are other ways that you should not use to disguise Secret Codes so as to make your Secret Codes obvious to another person.

9.9 If a Secret Code is compromised, you are required to tell us quickly and without delay by telephoning our hotline number which is available 24 hours a day on 1800 775 020.

9.10 Your liability for losses arising from an unauthorised transaction will be determined under the ePayments Code (refer to clause 10 to clause 12 of these Terms and Conditions).

10. When You are Not Liable for Any Losses

10.1 An unauthorised transaction, that is a transaction you do not authorise, does not include any transaction carried out by you or by anyone performing a transaction with your knowledge and consent. you will not be liable for losses resulting from unauthorised transactions where it is clear that you have not contributed to the loss.

10.2 Where you do not authorise a transaction, you will not be responsible for losses which:

are caused by fraudulent or negligent conduct of our staff or agents of ours or third parties involved in networking arrangements or merchants or their agents or employees;

are losses relating to an Identifier, Device or Secret Code which is forged, faulty, expired, or cancelled;

arise from a transaction which required the use of any Device and / or Secret Code that occurred before you received any Device and / or Secret Code or reissued Device and / or Secret Code;

are caused by the same transaction being incorrectly debited more than once to the same Account;

arise from unauthorised transactions performed after we have been informed that the Device has been misused, lost or stolen or the security of the Secret Code has been breached;

arise from unauthorised transactions that can be made using an Identifier without a Secret Code or Device or can be made using a Device, or a Device and an Identifier, but does not require a Secret Code, if you do not unreasonably delay reporting the loss or theft of the Device; and / or

are losses which occur while our processes are unavailable, provided that a report is made within a reasonable time of the process again becoming generally available.

11. When You are Liable for Losses

11.1 You will be liable for losses resulting from transactions which are carried out by you or by another person with your knowledge and consent.

11.2 Where we can prove on the balance of probability that you have contributed to a loss through fraud, or breaching the Secret Code security requirements in clause 9 or clause 12:

You are liable in full for the actual losses that occur before the loss, theft or misuse of a Device or breach of Secret Code security is reported to us, but

You are not liable for the portion of losses:

incurred on any one day that exceeds any applicable daily transaction limit,

incurred in any period that exceeds any applicable periodic transaction limit,

that exceeds the balance on the Account, including any pre-arranged credit, or

incurred on any Account that we and you had not agreed could be accessed using the Device or Identifier and/or Secret Code used to perform the transaction.

Where:

more than one Secret Code is required to perform a transaction, and

we prove that you breached the Secret Code security requirements in clause 9 or clause 12 for one or more of the required Secret Codes, but not all of the required Secret Codes,

You are liable as outlined above only if we prove on the balance of probability that the breach of the Secret Code security requirements under clause 9 or clause 12 was more than 50% responsible for the losses, when assessed together with all the contributing causes.

Where we can prove, on the balance of probability, that you contributed to losses resulting from an unauthorised transaction by unreasonably delaying reporting the misuse, loss or theft of a Device, or that the security of all Secret Codes has been breached, you:

are liable for the actual losses that occur between:

when you became aware of the security compromise, or should reasonably have become aware in the case of a lost or stolen Device, and

when the security compromise was reported to us, but

are not liable for any portion of the losses:

incurred on any one day that exceeds any applicable daily transaction limit,

incurred in any period that exceeds any applicable periodic transaction limit,

that exceeds the balance on the Account, including any pre-arranged credit, or

incurred on any Account that we and you had not agreed could be accessed using the Device and/or Secret Code used to perform the transaction.

Where a Secret Code was required to perform the unauthorised transactions, and the other circumstances outlined in this clause above do not apply, you are liable for the least of:

$150.00, or a lower figure determined by us;

the balance of the Account or Accounts which we and you have agreed may be accessed using the Device and / or Secret Code, including any prearranged credit; or

the actual loss at the time the misuse, loss or theft of a Device or breach of the Secret Code security is reported to us, excluding that portion of the losses incurred on any one day which exceeds any relevant daily transaction limit or any other periodic transaction limit.

11.3 We, or our external dispute resolution body, have a discretion to reduce your liability in the circumstances set out in the ePayments Code.

11.4 If you report an unauthorised transaction on a debit card Account:

we must not hold you liable for losses under this clause for an amount greater than the liability of you if we exercised any rights we had under the rules of the card scheme at the time the report was made, against other parties to the scheme (for example, charge-back rights), and

this clause does not require us to exercise any rights we may have under the rules of the card scheme. However, we cannot hold you liable under this clause for a greater amount than would apply if we had exercised those rights.

12. Our requirements of you to protect your account against unauthorised transactions

12.1 Anytime you make a Send Money payment to an account you have not previously sent money to, we will automatically issue an email to you notifying you of the payment. If you don't recognise the payment, you are to notify us straight away on 13 11 55.

12.2 You must:

never voluntarily disclose or give your Secret Codes or any other access method or Secret Code to anyone, including a family member or friend; or

where the access method uses a Security Token or other Device, not indicate one or more of the Secret Codes on the outside of the Device, or keep a record of one or more of the Secret Codes (without making any reasonable attempt to protect the security of the Secret Code records) on the one article, or on several articles, carried with the Device or liable to loss or theft simultaneously with the Device; or

where the access method comprises a Secret Code or Secret Codes without a Device, not keep a record of all the Secret Codes (without making any reasonable attempt to protect the security of the Secret Code records) on the one article, or on several articles so that they are liable to loss or theft simultaneously; or

where we permit you to select or change a Secret Code (and, immediately before your selection or change of the Secret Code, we specifically instruct you not to select a numeric Secret Code which represents your birth date or an alphabetical Secret Code which is a recognisable part of your name and we warn you of the consequences of such a selection) not select such a numeric or alphabetical Secret Code; or

not act with extreme carelessness in failing to protect the security of all the Secret Codes.

For the purposes of this clause, a reasonable attempt to protect the security of a Secret Code record includes either or both of:

making any reasonable attempt to disguise the Secret Codes within the record;

12.3 Notwithstanding the App Terms for the purposes of determining your liability for any losses resulting from unauthorised transactions using an electronic device and an access method we will comply with the requirements of the ePayments Code (except where the ePayments Code does not apply).

12.4 You agree you will

not leave your Mobile Device unattended and left logged into the App;

lock your Mobile Device or take other steps necessary to stop unauthorised use of your Mobile Device and the App;

notify Suncorp Bank immediately if your Mobile Device is lost or stolen;

not use the App for any purpose other than to carry out enquiries on your accounts or make bill or transfer payments;

not act fraudulently or maliciously in relation to the App or software e.g. you will not copy, modify, adversely effect, reverse engineer, hack into or insert malicious code into the App or its software; and

only install approved applications on your Device that you will not override the software lockdown on your Device (e.g. jailbreak your Device).

13. Mistaken Internet Payments

13.1 When the ePayments Code applies to a transaction made through an internet banking facility, we are bound by and follow the rules of the ePayments Code in relation to Mistaken Internet Payments. Other ADIs who have subscribed to the ePayments Code are required to follow the same processes. These processes do not apply to transactions where the ‘Send Money' Suncorp Bank App service used is a service designed primarily for use by a business and established primarily for business purposes.

This clause sets out how we will deal with Mistaken Internet Payments made by you and Mistaken Internet Payments received into your Account. You agree to us dealing with Mistaken Internet Payments in this way.

Reporting a Mistaken Internet Payment

13.2 You must report a Mistaken Internet Payment as soon as possible. You can report a Mistaken Internet Payment by:

13.3 You must give us full details of the transaction you are querying. We may require further information from you to investigate.

13.4 When you report a Mistaken Internet Payment we will give you a notification number or some other form of acknowledgment which you should retain as evidence of the date and time of your report.

When You Have Made a Mistaken Internet Payment

13.5 When you report a Mistaken Internet Payment to us, we as the Sending ADI, will investigate whether a Mistaken Internet Payment has occurred. We will require certain information to enable us to undertake that investigation, such as the BSB and Account number into which the Mistaken Internet Payment was made, the name of the party or the intended recipient and any further information you may have evidencing the mistake. We will contact you if we require further information.

13.6 If we are not satisfied that a Mistaken Internet Payment has occurred, we will not take any further action.

13.7 If we are satisfied that a Mistaken Internet Payment has occurred, we will send the Receiving ADI a request for the return of the funds. The Receiving ADI is required to acknowledge this request within 5 Business Days and advise us whether there are sufficient funds in the Account of the Unintended Recipient to cover the Mistaken Internet Payment.

13.8 The Receiving ADI will also investigate. If the Receiving ADI is not satisfied that a Mistaken Internet Payment has occurred, they will not return the funds.

13.9 We must inform you of the outcome of the reported Mistaken Internet Payment in writing and within 30 Business Days of the day on which you reported the Mistaken Internet Payment to us.

13.10 If the Receiving ADI returns the funds to us we will return the funds to you as soon as practicable. Usually, we will return funds to you by crediting the Account from which the Mistaken Internet Payment was made. If you no longer have an Account with us, or if it is not practicable to credit the returned funds to that Account, we will return funds to you by some other means.

13.11 Where we and the Receiving ADI are satisfied that a Mistaken Internet Payment has occurred, but there are not sufficient credit funds available in the Account of the Unintended Recipient to the full value of the Mistaken Internet Payment, the Receiving ADI must use reasonable endeavours to retrieve the funds from the Unintended Recipient for return to you (for example, by facilitating repayment of the funds by the Unintended Recipient by instalments).

When a Mistaken Internet Payment Is Made Into Your Account

13.12 When a Sending ADI sends a request to us, as Receiving ADI, of a Mistaken Internet Payment having been made into your Account, we will within 5 Business Days acknowledge that request and advise the Sending ADI whether there are sufficient funds in your Account to cover the Mistaken Internet Payment.

13.13 We will investigate whether a Mistaken Internet Payment has occurred.

13.14 If we are not satisfied that a Mistaken Internet Payment has occurred, we are not required to take any further action but we may seek your consent to return the funds.

13.15 If we are satisfied that a Mistaken Internet Payment has occurred, we will take action as follows:

(a) Process where funds are available and report is made within 10 Business Days

If a Mistaken Internet Payment is reported within 10 Business Days after the payment is made, we are satisfied that a Mistaken Internet Payment has occurred, and there are sufficient funds in your Account, we will withdraw the funds from your Account and arrange for the return of the funds to the Sending ADI within 10 Business Days.

(b) Process where funds are available and report is made within 10 Business Days and 7 months

If a Mistaken Internet Payment is reported between 10 Business Days and 7 months after the payment is made, we are satisfied that a Mistaken Internet Payment has occurred, and there are sufficient funds in your Account, we will complete our investigation into the reported Mistaken Internet Payment within 10 Business Days of receiving the request. If we are satisfied that a Mistaken Internet Payment has occurred, we will place a hold on your Account to prevent you from withdrawing the amount of the funds for a further 10 Business Days and notify you that we will withdraw the funds if you do not establish that you are entitled to the funds within that 10 Business Day period. If you fail to establish your entitlement within 10 Business Days, we will return the funds to the Sending ADI within 2 Business Days of the end of that period.

(c) Process where funds are available and report is made after 7 months

If a Mistaken Internet Payment is reported more than 7 months after the payment is made, there are sufficient funds in your Account and we are satisfied that a Mistaken Internet Payment has occurred, we will ask you if you agree to the return of the funds to the sender. If you consent to the return of the funds we must return the funds to the sender.

(d) Process where funds are not available in Your Account

Where we and the Sending ADI are satisfied that a Mistaken Internet Payment has occurred, but there are not sufficient credit funds available in your Account to the full value of the Mistaken Internet Payment, then we must use reasonable endeavours to retrieve the funds from you for return to the sender (for example, by facilitating repayment of the funds by you by instalments).

In each case, if we are not satisfied that a Mistaken Internet Payment has occurred, we may (but are not obliged to) seek your consent to return the funds.

13.16 We can prevent you from withdrawing funds the subject of a Mistaken Internet Payment where we are required to do so to meet our obligations under the ePayments Code.

Centrelink Direct Credit Payments

13.17 Where the Unintended Recipient of a Mistaken Internet Payment is receiving income support payments from Centrelink, we will recover the funds from the Unintended Recipient in accordance with the Code of Operation for Centrelink Direct Credit Payments.

Complaints about Mistaken Internet Payments

13.18 If you report a Mistaken Internet Payment to us as Sending ADI and you are unhappy with our handling of the matter, you can make a complaint to us. Please refer to clause 1.7 of the Terms and Conditions for Suncorp Bank Accounts and for Continuing Credit Accounts in relation to making complaints. If a complaint is made to another ADI where we are the Receiving ADI, we must cooperate with the other ADI's dispute resolution scheme.

14. Security Token

14.1 Unless we agree otherwise, a Security Token is required to be active and cannot be cancelled where:

your Daily Limit is over the default Daily Limit; or

you wish to process over the Transaction Limit as detailed in clause 4.1; or

you have an account or personal limit (business customers only).

14.2 A Security Token is not required and is optional when:

your daily limit is the default daily limit or less; and

you do not wish to process over the Transaction Limit as detailed in clause 4.1.

14.3 A fee is payable for the issue of each Physical Security Token.

14.4 When a Security Token is enabled:

you must use the Security Token Code when requested by us within Suncorp Bank App; and

Security Token Code is required when logging into the Suncorp Bank App.

14.5 You must keep your Physical Security Token safe and secure and advise us immediately if it is lost, stolen or misused. If it is lost, stolen or misused, we can cancel it and issue you with a temporary Security Token Code which is to be used for a limited period until we issue you with a new Physical Security Token.

14.6 The Physical Security Token will expire approximately 5 years from the time it is issued to you. The expiry date of the Physical Security Token can be found on the back of the Device. We will notify you 90 days before the Physical Security Token is due to expire in order for you to order a replacement Physical Security Token via Internet Banking.

14.7 Where your Security Token expires or is deactivated, and your daily limit is above the default daily limit, we may reduce your daily limit to the default daily limit until a new Security Token is activated and you request the limit to be increased.

14.8 When the Security Token expires or is deactivated you will be unable to process transactions which require a Security Token Code until a new Security Token is activated.

14.9 If you wish to cancel your Security Token please contact us to have your Security Token cancelled. You will be limited to transactions which do not require a Security Token Code (refer to clause 14.2 above).

15. Using Suncorp Bank App

15.1 We can cancel or suspend your access to Suncorp Bank App or any function or service incorporated in Suncorp Bank App at any time. If we do this, we will tell you in writing as soon as possible. We can also delay or refuse to process your instructions.

15.2 Instructions made through the Suncorp Bank App requiring transfer of funds (including BPAY bill payments) may not be carried out if you do not have enough cleared funds in the relevant account. We will notify you on screen if this occurs while attempting to perform an immediate transaction. We will notify you by Secure Message if this occurs if you have attempted to perform a future dated or recurring transfer or a transfer which requires two authorisations.

15.3 If you give us instructions for more than one transfer and/or bill payment and/or business payment on a particular date, we will determine the order in which the payments are made on that day.

16. Using the Suncorp Bank App on multiple Devices

16.1 After you have first registered on the Suncorp Bank App, you are permitted to register the App on additional Mobile Devices. If you exceed the acceptable number of Mobile Devices, you will be notified at the time of registration.

16.2 To register an additional Mobile Device you will be required to enter your Customer ID, Internet Banking Password and Security Token (if enabled). Once entered, you can then select your existing App Passcode or use App Biometrics Login to logon on the additional Device. If you have anyone else's fingerprint or Face ID stored on your device, you must delete their stored Biometrics authentications before setting up App Biometrics Login.

16.3 You agree you will:

not disclose your App Passcode to any other people, including any joint account holder;

not allow any other people to use your App Passcode or App Biometrics Login for the purpose of registering another Device for the App; and

register and store only your Biometrics on your Device when opting in for App Biometrics Login.

17. Joint account holders using a Suncorp Bank App Passcode

17.1 Joint account holders are not permitted to share Suncorp Bank App Passcodes. Each joint account holder must register separately for a Suncorp Bank App and establish their own App Passcode or App Biometrics Login.

17.2 During registration, each joint account holder will be required to enter their unique Customer ID. If you do not have a Customer ID unique to yourself, you can register for Internet Banking.

18. Signatories

18.1 Accounts with signing instructions of "any two signatories to sign" to authorise a transaction can use the Suncorp Bank App.

18.2 Once a transaction has been set up by a signatory it will await approval within the Suncorp Bank App from the second account signatory. The transaction can also be approved from Internet Banking. The transaction will not be successfully processed until it has been authorised by two signatories. If a transaction is still awaiting approval on the next payment date you requested, it will not be processed and will be deleted from the Suncorp Bank App and Internet Banking.

18.3 Where there are multiple signatories on an account, the authorisation of any (2) two will be accepted and the transaction processed.

18.4 Appropriate signatories will be notified in the Suncorp Bank App of any transactions awaiting approval.

19. View Only Access

19.1 If you ask us and we agree, we can provide Suncorp Bank App access to various accounts limited to "view only" access.

19.2 View only access means you can authorise a person to view transactional and account information, customer information and statement requests only.

20. Managing your Visa Debit card

20.1 Temporarily lock card

This functionality is available for Visa Debit cards only, and is designed to be used if you have misplaced your card or wish to restrict unauthorised use. All card payments will be declined while a card is locked. If a card is temporarily locked, any recurring card payments such as, online subscriptions and direct debits will also be declined. If a locked card is inserted into an ATM, it will be retained. Your card will remain locked until you unlock it. Temporarily locking your card does not report your card as lost or stolen. If your card has been lost or stolen, or if there has been any unauthorised transactions, you must report this to Suncorp as soon as possible in accordance with the terms and conditions that apply to your card. If you report a locked card as lost or stolen, or order a replacement card, the locked card will be cancelled.

20.2 Unlocking your card

If you temporarily lock your Visa Debit card using the Suncorp Bank App, and have not reported your card lost or stolen to Suncorp, you can unlock it anytime using the app. When you unlock your card, it will be active immediately.

20.3 Card security preferences

The Suncorp Bank App allows you to optionally control (turn off/on) the following transaction types for Visa Debit cards (Card Controls):

Visa payWave payments – use this control to disable contactless payments. If it’s turned off, you’ll always need to insert or swipe your card and enter your PIN when making purchases. This includes contactless purchases using your mobile device where you have included the card in a mobile wallet service.

Internet transactions (card not present transactions) – use this control to disable purchases via the internet or telephone from this card. If it’s turned off, any recurring transactions, such as online subscriptions, from this card will not be processed.

Overseas in-store payments – use this control to disable overseas in-store payments. If it’s turned off, physical in-store card purchases outside Australia will be declined. This does not include online payments from international companies.

Things you should know about card controls:

Only the card selected for the control will be impacted.

Only the card owner can set controls.

You can set more than one control for a card at any point in time.

The controls relate to the selected card, not the account.

The controls default position is ‘on’.

The control applies only to the 'credit' option available with your card and not any ‘cheque’ or ‘savings’ option.

Circumstances where the card controls may not apply:

Transactions that are made when a merchant's systems are offline.

Quasi cash transactions which is when your Visa Debit card is used for the purchase of items e.g. money orders, traveller’s cheques foreign currency and online gambling.

Suncorp relies on the transaction information provided by the merchant. If the authorisation request we receive doesn't match the exact criteria used to define the control you have set, the transaction may not be declined.

What Suncorp will do when you apply a control:

We will make all reasonable efforts to decline a transaction when we receive an authorisation request for a transaction which matches one of the controls you have set.

Suspension and cancellation of the service:

Suncorp may cancel or suspend the service or your use of the service or any controls at any time and without prior notice e.g. there is a systems breakdown, or Suncorp suspects a security breach such as suspect or fraudulent activity on your account.

You can stop using the service at any time. If you ask Suncorp to cancel the service we will set all the control indicators to the default setting for the control.

21. Online Cashback

21.1 You can only access Online Cashback where:

you have a loan with Suncorp Bank;

your loan contract provides you can access Cashback; and

all borrowers under your loan contract have satisfied any additional requirements of Suncorp Bank from time to time, that must be met before Suncorp Bank will allow you access to Online Cashback.

21.2 You can contact us on 13 11 55 to find out if you can access Cashback and to find out any additional requirements that must be satisfied before you will be allowed access to Online Cashback.

21.3 Suncorp Bank may refuse to allow you access to Online Cashback, even where Suncorp Bank's requirements have been satisfied.

21.4 Online Cashback will generally be available during business hours in Brisbane and may be available during other hours subject to Suncorp Bank's processing requirements.

21.5 At any time Suncorp Bank can withdraw your access to Online Cashback or limit the functions that can be performed using Online Cashback, without providing a reason.

21.6 Access to Online Cashback is subject to:

the terms and conditions of your loan contract;

these App Terms; and

any particular terms and conditions that you have agreed to before Suncorp Bank will provide you with access to Online Cashback.

21.7 Only immediate transactions can be performed using Online Cashback. Future dated or recurring transactions are not available.

21.8 Funds can only be transferred to another account and Suncorp Bank may at any time limit the accounts to which funds can be transferred. External transfers cannot be performed using Online Cashback.

21.9 The amount of funds that can be accessed through Online Cashback is called Available Cashback and is displayed on Account Details screen. You cannot access more than this amount through Online Cashback. In addition, there is a maximum limit of $99,999.00 for each Online Cashback Transaction.

21.10 Fees may apply for using Online Cashback. Full details can be obtained from your loan contract or by contacting us on 13 11 55.

21.11 You can continue to access Cashback in any other way permitted by Suncorp Bank, in accordance with your loan contract. For example, you can go to a branch to access Cashback.

21.12 You or any other borrower under your loan contract can request the cancellation of Online Cashback at any time in writing, by contacting us on 13 11 55, by going to a branch or by sending us a Secure Message. If you then wish to access Online Cashback again, you and all other borrowers under your loan contract will need to once more satisfy any additional requirements of Suncorp Bank from time to time, that must be met before Suncorp Bank will allow you access to Online Cashback.

22. Problems with Suncorp Bank App

22.1 If you think there has been a mistake or a transaction you did not authorise, you must phone us immediately on 13 11 55 and follow up with details in writing or by Secure Message. Your concerns or any problems will be investigated in the manner outlined in these Terms and Conditions.

22.2 To assist in obtaining a prompt resolution to the problem, please give us clear instructions as to the account number and Biller codes of any person or Biller involved in the problem and provide any supporting documentation which will assist in our investigation.

23. Other things you should know

23.1 Fees and charges

Fees may apply for Send Money Transfers and Security Tokens.

Government fees and charges, and standard account and transaction fees still apply. Full details of fees and charges are available from any Suncorp Store, or by phoning 13 11 55.

We can introduce new fees and charges and change fees and charges that apply to Suncorp Bank App, at any time. Where we have to give you notice of any new fees or charges we will do so.

You may incur charges from your mobile service provider for downloading and using the App. Suncorp is not liable in respect of these charges and we recommend you check with your service provider prior to using the App.

23.2 Using your location data

If you grant Suncorp Bank App permission to use your iPhone or Android phone's location information, we will log this location information for security purposes and to enable other App functionality where location information is required (e.g. nearest ATM).

23.3 Restriction, suspension, or termination

At any time we may restrict the types of accounts that can use Suncorp Bank App or we may change or restrict your use of or access to Suncorp Bank App by any Mobile Device. In addition, we may restrict the availability of some Suncorp Bank App functions (eg BPAY, Send Money Transfers) to particular types of accounts or Mobile Device.

We may suspend or terminate your use of the Suncorp Bank App without notice at any time, e.g. if we suspect unauthorised transactions have occurred or that the App is being misused.

23.4 Changes to these Terms and Conditions

At any time we may restrict the types of accounts that can use Suncorp Bank App or we may change or restrict your use of or access to Suncorp Bank App by any Mobile Device. In addition, we may restrict the availability of some Suncorp Bank App functions (eg BPAY, Send Money Transfers) to particular types of accounts or Mobile Device.

We may suspend or terminate your use of the Suncorp Bank App without notice at any time, e.g. if we suspect unauthorised transactions have occurred or that the App is being misused.

23.5 Electronic Communication

You agree to update Suncorp with any changes to your email address from time to time. You agree to Suncorp contacting you electronically at the email address you have provided regarding transactions you make using the Suncorp Bank App.

In accepting these App Terms you agree that we can provide you with any information required to be given to you by law or any code including the Code of Banking Practice and ePayments Codes; as well as non-marketing communications, by electronic communication, unless any law or code requires otherwise.

In accepting these App Terms you agree that we and any related companies that use the Suncorp brand can contact you by email about news, special offers, products and services that may be of interest to you. We will engage in marketing unless you tell us otherwise. You can change your marketing preferences at any time.

23.6 No Warranty

While we have made every effort to ensure that information provided in the Suncorp Bank App is free from error, Suncorp Bank does not warrant the accuracy or completeness of information provided in the App.

23.7 Liability and Indemnity

While we have made every effort to ensure that information provided in the Suncorp Bank App is free from error, Suncorp Bank does not warrant the accuracy or completeness of information provided in the App.

In accepting these App Terms you agree that we and any related companies that use the Suncorp brand can contact you by email about news, special offers, products and services that may be of interest to you. We will engage in marketing unless you tell us otherwise. You can change your marketing preferences at any time.

Suncorp Bank will not be responsible for any loss or damage arising from your access or use or attempted access or use of the Suncorp Bank App, including loss arising from any security breach, or if you have acted fraudulently (either alone or together with any other person), or if you have installed associated applications on your Mobile Device, or if you have caused or contributed to that loss or damage for example, by failing to comply with these or the Suncorp Bank Internet Banking Terms and Conditions.

Suncorp Bank will not be responsible for any inability of your Mobile Device to access or use the App.

You should satisfy yourself as to these matters before attempting to access or use the App.

24. Definitions

In these App Terms a reference to the singular include the plural and vice versa.

A reference to "we", "us" or "our" means Suncorp Bank.

A reference to "you" or "your" means each person separately and jointly who is an account owner or authorised to transact on an account.

In these App Terms words that are capitilised have the following meanings:

An "account" includes any of the following accounts with Suncorp Bank.

a savings account

term deposit

a cheque or Card account

an account which has a facility limit

a loan account

another account which we allow you to withdraw and deposit money

a lease

an equipment finance facility

a guarantee facility

It does not include Superannuation accounts

"ADI" has the same meaning as authorised deposit-taking institution in the Banking Act 1959 (Cth) or any successor term adopted by the Australian Prudential Regulation Authority.

"Mistaken Internet Payment" means a payment using a ‘pay anyone' internet banking facility (for example, an external funds transfer) processed by an ADI through direct entry where funds are paid into the account of an Unintended Recipient because the transferor entered or selected a BSB number and/or Identifier that does not belong to the named and/or intended recipient as a result of:

the transferor's error, or

the transferor being advised of the wrong BSB number and/or Identifier.

It does not include payments made using Bpay.

“Mobile Device” means an electronic device in which the Suncorp Bank App can be downloaded, and includes smartphones and tablets.

"Sending ADI" means an ADI which is a subscriber to the ePayments Code and whose customer has made an internet payment which you have reported as being a Mistaken Internet Payment.

“Suncorp App” means the mobile application designed to provide customers with access to products and services offered by Suncorp Group Limited ABN 66 145 290 124, its subsidiaries, related companies, and other third party providers, available for download under the name “Suncorp App”.

“Suncorp Bank App” means the mobile application that allows customers to engage in electronic transactions available for download under the name “Suncorp Bank”. Suncorp Bank App is not the Suncorp App.

Products and services including banking, superannuation and insurance (including home and car insurance) are provided by separate companies in the Suncorp Group. Suncorp Bank is only liable for the banking products or services it provides and not the products and services of the other companies in the Suncorp Group.